Search RFCs

RFC Editor

File formats:

Status:

EXPERIMENTAL

Authors:

Y. Oiwa
H. Watanabe
H. Takagi
K. Maeda
T. Hayashi
Y. Ioku

Stream:

IETF

Source:

httpauth (sec)

Cite this RFC:TXT  | XML  |  BibTeX

DOI:  https://doi.org/10.17487/RFC8053

Discuss this RFC: Send questions or comments to the mailing listietf-http-wg@w3.org

Other actions:Submit Errata  | Find IPR Disclosures from the IETF  | View History of RFC 8053

Abstract

This document specifies extensions for the HTTP authenticationframework for interactive clients. Currently, fundamental featuresof HTTP-level authentication are insufficient for complexrequirements of various Web-based applications. This forces theseapplications to implement their own authentication frameworks bymeans such as HTML forms, which becomes one of the hurdles againstintroducing secure authentication mechanisms handled jointly byservers and user agents. The extended framework fills gaps betweenWeb application requirements and HTTP authentication provisions tosolve the above problems, while maintaining compatibility withexisting Web and non-Web uses of HTTP authentication.

For the definition ofStatus,seeRFC 2026.

For the definition ofStream, seeRFC 8729.